Understanding the Technology Behind Virtual Data Rooms

The Virtual Data Room (VDR) market is set to be a billion dollar business over the next couple of years. A report published by IBISWorld pegs the current industry revenue at $832 million with annual growth rates of around 13.7%. So what exactly are virtual data rooms and how do they work? Here’s a primer on the technology behind VDRs.

What Is a VDR?

A virtual data room is an online repository that enterprise businesses use to store highly sensitive and classified information online. They are not merely digital archives used to create backups of company documents.

Instead, VDRs serve as an interface for businesses. Companies have the ability not only to store but also to share their business documents with third party stakeholders such as investors, attorneys, and shareholders. And they can do so without compromising confidentiality. Businesses primarily use VDRs during fundraising, IPOs and audits.

[easy-tweet tweet=” The first component of a VDR is file storage in the cloud.” hashtags=”Cloud, Storage”]

Secure File Storage in the Cloud

The first component of a VDR is file storage in the cloud. At first glance, VDR storage might not seem any different from generic cloud hosting. The key difference here is data encryption and accessibility.

Generic cloud hosting services are secure in the sense that any kind of data transmission to and from the server is encrypted. Encryption prevents unauthorised access to the information by third party hackers. But while the transmission lines are secure, the document itself is not.

Anyone with a direct link to the hosted file might be able to access the information. And this possibility remains, irrespective of whether or not the data transfer to and from the server itself is encrypted.

A VDR, on the other hand, encrypts the data transfer lines as well as the documents themselves. This way, businesses can ensure that in the event of successful third party intrusions, the hackers are left with nothing but gibberish data that cannot be comprehended without the right encryption key.

Multi-Factor Authentication (MFA)

Secure file storage is only one part of the story. File sharing can be tricky, given that it might not always be possible to track down the source of a leaked document. VDRs play a critical role in establishing the rules of accessibility of the hosted documents.

There are two steps to ensuring the security of the hosted documents during file sharing. Once decrypted, the files are only rendered to users who can validate their identities with the help of a unique secondary authentication process.

This second step could be anything from SMS-based OTP (one-time passwords) to RSA tokens and biometrics. However, with the U.S. National Institute of Standards and Technology (NIST) recently declaring that SMS-based two-factor authentication as unsafe, more and more VDRs are now moving towards alternate forms of validation.

Digital Watermarking

[easy-tweet tweet=”Digital watermarking is the process of covertly embedding a marker in the video” hashtags=”Digital, Video “]

While multi-factor authentication (MFA) systems protect documents from unauthorised access, they still do not protect customers from illegal leaks. Protection from illegal leaks is made possible through watermarking.

Digital watermarking is the process of covertly embedding a marker in the video, audio or image-based data. You can then identify that data with the help of a secure algorithm. Digital watermarking enables you to trace every copy or file you download or view from the VDR. It is, therefore, possible to accurately recognise the source of a leak.

In essence, a virtual data room has four technological components: secure file transfer, encrypted storage, MFA-based document access, and digitally watermarked document access. Not all VDRs necessarily come with all of these features.

A VDR’s features depend on the requirements of the end customer and the level of confidentiality needed. Nevertheless, these properties make VDRs an attractive option for businesses looking for a safe and reliable way to manage sensitive information.

Christopher Low is a project manager and lead developer with Sherlock Software. He is also the founder and owner of MyTeamPlan, a desktop-based project management software tool that is targeted at small and medium businesses.